[Lxc-users] Forwarding packets from host to container
Nirmal Guhan
vavatutu at gmail.com
Wed Jan 12 19:00:41 UTC 2011
On Tue, Jan 11, 2011 at 5:35 PM, Nirmal Guhan <vavatutu at gmail.com> wrote:
> On Tue, Jan 11, 2011 at 5:34 PM, Nirmal Guhan <vavatutu at gmail.com> wrote:
>> On Tue, Jan 11, 2011 at 5:25 PM, Nirmal Guhan <vavatutu at gmail.com> wrote:
>>> Hi,
>>>
>>> How do I forward packets (ethernet frames included) from host to
>>> container. I plan to run a packet capture program (tcpdump for
>>> instance) within container that will capture the packets coming to
>>> host eth1 interface. I tried both using bridge and iptables but they
>>> do not seem to help.
>>>
>>> iptables -A FORWARD -i eth1 -o br1 -j ACCEPT and/or
>>> iptables -A FORWARD -i eth1 -o vethZtPPol -j ACCEPT
>>>
>>> Instead of the above, I also tried adding host eth1 to br1 but still
>>> tcpdump from container cannot see the packets sent to eth1 from
>>> external world.
>>>
>>> I use fedora 12 for both host and container.
>>>
>>> xc.network.type = veth
>>> lxc.network.link = br1
>>> lxc.network.name = eth1
>>> lxc.network.flags = up
>>> lxc.network.mtu = 1500
>>>
>>> -Nirmal
>>>
>> An update :
>> If I connect host eth1 to a bridge br2 and add
>> lxc.network.type = veth
>> lxc.network.link = br2
>> lxc.network.name = eth2
>> lxc.network.flags = up
>> lxc.network.mtu = 1500
>>
>> I can then see packets coming "into" eth2 (basically echo reply from
>> external machine) but not the ones "going out". Kindly help.
>> -Nirmal
>>
> A typo : packets coming "into" eth1 of the host...
>
Still trying...Any help on this will be much appreciated!!
-Nirmal
More information about the lxc-users
mailing list